Currently there is a check performed in hook_user_update, which throws up an error message if the current user doesn't have ability to edit the account being updated. This breaks in conjunction with rules, and probably anything that might run in a cron job.

This module should only be blocking the ability to administer users - not access to the underlaying api functions.